No more typing reviews! Try our Samantha, our new voice AI agent.

Cybersixgill vs PortSwigger Burp Suite Enterprise Edition comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Cybersixgill
Ranking in Vulnerability Management
52nd
Average Rating
8.6
Reviews Sentiment
5.4
Number of Reviews
5
Ranking in other categories
Threat Intelligence Platforms (TIP) (14th), Digital Risk Protection (9th), Attack Surface Management (ASM) (21st)
PortSwigger Burp Suite Ente...
Ranking in Vulnerability Management
41st
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
12
Ranking in other categories
Dynamic Application Security Testing (DAST) (8th)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of Cybersixgill is 0.6%, up from 0.2% compared to the previous year. The mindshare of PortSwigger Burp Suite Enterprise Edition is 1.1%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
PortSwigger Burp Suite Enterprise Edition1.1%
Cybersixgill0.6%
Other97.2%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Aditya Vikram Raj - PeerSpot reviewer
Associate at a financial services firm with 10,001+ employees
Centralized threat insights have enabled comprehensive dark web exposure reporting
The best feature that Cybersixgill offers with respect to dark web intelligence is that they provide very good screenshots of where the particular data has been taken, which allows for better visualization and understanding of the scenario, with the source being indicated through onion links that can be reverse-engineered for further investigation. We were really impressed by some of the features of the platform, and we were planning to integrate it into our day-to-day work, but I'm not certain whether that happened because I was serving a notice period at that time.
OB
Studiant at Edifixio
Enables time-saving automated scanning and brute force attacks
The most appreciated functionality of PortSwigger Burp Suite is its ability to perform brute force attacks automatically. Its automated scanning feature saves time. Additionally, using this tool provides significant security insights, making our testing process more efficient and comprehensive, leading to considerable time savings, which in turn translates to financial benefits.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Qualys TotalCloud's most valuable feature is its ability to link clusters of assets, providing a clear model of deployments, vulnerabilities, and statuses."
"The agent and agentless scanning in TotalCloud, particularly the FlexScan method, is incredibly valuable. With traditional scanning approaches, we had to give IP ranges and whitelist IPs. All that is now simplified. FlexScan requires minimal intervention, and after configuration, it automatically collects data and performs necessary scans."
"Qualys TotalCloud provides a single, prioritized view based on requirements such as identifying the most vulnerable assets and calculating the average time to remediate vulnerabilities."
"I would definitely recommend Qualys TotalCloud to other customers."
"It is a cloud-native app that integrates with both IaaS and SaaS. It seamlessly integrates with other platforms."
"We were able to realize its benefits within 24 to 48 hours."
"Its excellent graphical interface makes the scanning process simple."
"Qualys TotalCloud fulfills all these needs."
"The size and scope of the solution’s collection is amazing, and when we compare what other solutions can and cannot do, we see how Cybersixgill Investigative Portal is superior in many ways."
"If I conducted research manually it would take one week, but by using Sixgill it takes two hours or three hours."
"They also provide some of the greatest notification capabilities. I put in a customer's company name and domain names, or sometimes I put in their IP addresses as a keyword. Once Sixgill collects information that includes those keywords, they then provide us email notifications. That means we can catch information related to our customers as soon as possible."
"If you are looking for threat intelligence that can cater to various needs from IOC to threat advisories and along with dark web intelligence, then you should try Cybersixgill."
"The advanced analysis has made our security operations more efficient. It has also potentially given us quicker access to data that we might not have otherwise located."
"To be diligent for the customer, we usually go into Cybersixgill Investigative Portal to analyze and search things. The solution tells us the reputation of cyber threat actors. So, if someone has a reputation of one, it is a really bad idea to care about what that person is saying. However, if you find someone with a reputation of nine, then there is a high probability that we need to address the problem. You can get information about these type of actors in Cybersixgill Investigative Portal. They have a huge collection, which is like having the rules/goals of the dark web and deep web without having to go there. Our analysts avoid going dark web because they have Cybersixgill Investigative Portal and can get the news from their browser, searching wherever they want."
"Rather than hiring more analysts, we have been able to do more with less and automate some of our investigation functions."
"The solution’s approach of using limited open source intelligence and focusing, instead, on the Deep Web and Dark Web is what seals the deal. That is why I like them. I have other tools that I can aggregate all the open source intelligence from. I value Cybersixgill because it provides access to things that no one else does."
"We are in the early stage of using the solution making it difficult to fully determine the best features. However, we have noticed the CMDB and device discovery features look valuable at this time."
"The tool is loaded with many features that give us ROI."
"I like normal dynamic scanning, general web applications scanning, and vulnerability assessments."
"The initial setup is straightforward."
"The most valuable part is that a beginner can run those scans and the V scanning of that particular vulnerability."
"Its automated scanning feature saves time."
"The product is easy to use."
"Parallel scans can be done with PortSwigger Burp Suite Enterprise Edition."
 

Cons

"A feature improvement could be the inclusion of Windows OS support for container security, as it is currently only supported for Linux."
"I sometimes have difficulty detecting or uninstalling certain versions of applications, which I have to do manually."
"I would appreciate additional integration options to connect Qualys TotalCloud with our other vulnerability management tools."
"There is room for improvement in vulnerability scanning, particularly for PaaS environments. Currently, Qualys does not have full access to these instances, which limits its effectiveness."
"Enhancing clarity regarding its compliance capabilities would be beneficial, as the current scope is limited in geographic coverage."
"Qualys TotalCloud has the potential to improve by integrating a hybrid platform for comprehensive management of both on-premises and cloud infrastructures."
"The patching process with Qualys Patch Management, which is part of TotalCloud, does not cover installing certain prerequisites on the servers or workstations. This shortcoming means we must rely on SCCM when any service stack updates or additional prerequisites are needed."
"Some major banks and insurance companies require an on-premises solution for comprehensive vulnerability management, which TotalCloud does not offer."
"Regarding their scraping abilities, things could be solidified. There are definitely improvements that could be made on the specificity for setting certain queries."
"The breadth of access to data is good, but there are gaps."
"We need real-time updated information. If we could have this, it would be amazing."
"We need real-time updated information. If we could have this, it would be amazing. For example, if someone was posting something, then ten second later, it was on the platform. Sometimes, it takes a minute or hours right now, depending on the forum."
"Sixgill has strong capabilities based on search queries, but there is some difficulty in using Sixgill. Their querying is very powerful but it can be difficult. It's not hugely complex but you need some skill to use Sixgill querying."
"The breadth of access to data is good, but there are gaps. More data would be my suggestion because the platform is good and I have no complaints about the system. I think it is just a case of always trying to get more data sources."
"The cost per license per user could be cheaper, specifically for individual licensing."
"The implementation of the solution is quite complicated and could be easier."
"The solution is a bit expensive."
"Scalability could be better."
"There's definitely room for improvement. There are lots of false positives. Once I do the manual assessment, it comes as a false positive. They need to improve the Enterprise Edition, especially the part that gives false positives."
"The stability of the scans could be improved."
"From my personal experience, the solution's performance could be improved."
"PortSwigger Burp Suite Enterprise Edition should incorporate a static code analysis feature. One main issue we encounter is false positives. False positives can be challenging for developers."
 

Pricing and Cost Advice

"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"TotalCloud's price is about right where I would expect it to be."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"The cost is high, but it meets our organizational needs."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"The pricing and licensing are good. It is expensive for us because the US dollar is quite strong compared to our dollar. Otherwise, it is quite reasonable for what it is. All the tools in the market are around the same price from my experience."
"The pricing is cheap compared with Recorded Future. Sixgill's cost-effectiveness is very good."
"Sometimes, Cybersixgill Investigative Portal is cheaper than its competitors."
"For Professional, it's about $400 per year."
"PortSwigger Burp Suite Enterprise Edition is neither a cheap nor an expensive product. PortSwigger Burp Suite Enterprise Edition is a good tool for companies."
"The tool's pricing is reasonable and costs around 400 dollars per year."
"Although the solution can be a bit expensive for small companies, its pricing is fairly reasonable for its capabilities."
"PortSwigger Burp Suite Enterprise Edition is expensive compared to other solutions."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
13%
Comms Service Provider
8%
Computer Software Company
8%
Manufacturing Company
7%
Financial Services Firm
19%
Computer Software Company
7%
Construction Company
6%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise2
Large Enterprise7
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What needs improvement with Cybersixgill Investigative Portal?
I used Cybersixgill for only three months as a proof of concept, so I do not feel I am in a position to provide meani...
What is your primary use case for Cybersixgill Investigative Portal?
Our main use case for Cybersixgill during our proof of concept was to find a tool as a single pane of glass that woul...
What advice do you have for others considering Cybersixgill Investigative Portal?
If you are looking for threat intelligence that can cater to various needs from IOC to threat advisories and along wi...
What is your experience regarding pricing and costs for PortSwigger Burp Suite Enterprise Edition?
I am using the Community Edition, which is free, however, I understand there might be extra expenses for additional f...
What needs improvement with PortSwigger Burp Suite Enterprise Edition?
It would be beneficial if Burp Suite provided predefined payloads for each attack category, such as SQL injection and...
What is your primary use case for PortSwigger Burp Suite Enterprise Edition?
I work with security testing tools for SaaS, focusing on static application security testing and using tools like Bur...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
No data available
 

Overview

 

Sample Customers

Information Not Available
Current customers include large enterprises, financial services, manufacturing, GSIs, MSSPs, government and law enforcement entities.
Nasa, Disney, Dow Jones, Iberia Bank, IBM, Ernest and Young, Apple, Ryanair, Thyssenkrupp, Delivery Hero
Find out what your peers are saying about Cybersixgill vs. PortSwigger Burp Suite Enterprise Edition and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.